What is Computer Security?



• Covers a wide area of computing and 
information processing 

• Several terms and metrics have entered our 
daily business vocabulary 

• The availability and trustworthiness of data can 
be the difference between success and failure 

Security Controls

Computer security is often divided into three 
distinct master categories, commonly referred to as 
controls 

• Physical

• Technical

• Administrative

Security Controls Cont'd..

Physical control

Physical control is the implementation of security 
measures in a defined structure used to deter or 
prevent unauthorized access to sensitive 
material. 

• Closed-circuit surveillance cameras 

• Motion or thermal alarm systems 

• Security guards 

• Picture IDs 
• Locked and dead-bolted steel doors

• Biometrics (includes fingerprint, voice, face, iris, handwriting, and other automated methods used to recognize individuals)

Security Controls Cont'd..

Technical control

Technical controls use technology as a basis for controlling the access and usage of sensitive data throughout a physical structure and over a network. Technical controls are far-reaching in scope and encompass such technologies as

• Encryption

• Smart cards

• Network authentication

• Access control lists (ACLs)

• File integrity auditing software

Security Controls Cont'd..

Administrative control

Administrative controls define the human factors of security. They involve all levels of personnel within an organization and determine which users have access to what resources and information by such means as

• Training and awareness

• Disaster preparedness and recovery plans

• Personnel recruitment and separation strategies

• Personnel registration and accounting

Thinking Like the Enemy

• Given the complexity of today's software and networking environments, exploits and bugs are a certainty.

• You must think like a cracker and gauge the security of your systems by checking for weaknesses.

• There can be potential issues that can be addressed before a cracker explores them.

• Think about your system's security by taking your home as an example.

• Focus on their tools, mentality, and motivations, and you can then react swiftly to their actions.

Defining Assessment and Testing

Vulnerability Assessment

• External

• Internal

Benefits

• Creates proactive focus on information security

• Finds potential exploits before crackers find them

• Results in systems being kept up to date and patched

• Promotes growth and aids in developing staff expertise

• Reduces financial loss and negative publicity



FUDCon Kuala Lumpur, May 18-20, 2012




Hacker and Cracker 

Hacker... 
Bad or Good? 



Hacking Culture

Threats

Threats to

• Network Security

• Server Security

• Workstation and Home PC Security

Threats to Network Security

Insecure Architecture 

A misconfigured network is a primary entry point for 
unauthorized users. 

Centralized Servers 

Introduces a single point of failure on the network 

Broadcast Network 

Most vulnerable to address resolution protocol (ARP) or 
media access control (MAC) 
address spoofing by both outside intruders and 
unauthorized users on local hosts. 

Threats to Server Security

Unused Services and Ports

A common occurrence among system administrators is to install the operating system without paying attention to what programs are actually being installed.

Unpatched Services

There is no such thing as perfect software and there is always room for further refinement.

Threats to Workstation and Home PC Security



Bad Passwords 

Bad passwords are one of the easiest ways for an 
attacker to gain access to a system. 



Vulnerable Client Application 

Although an administrator may have a fully secure 
and patched server, that does not mean remote 
users are secure when accessing it. 

Common Exploits and Attacks



Null or Default Passwords 

Leaving administrative passwords 
blank or using a default password set 
by the product vendor. 



Default Shared Keys 



Secure services sometimes package 
default security keys for development 
or evaluation testing purposes. 

Common Exploits and Attacks Contd...

IP Spoofing

A remote machine acts as a node on your local network, finds vulnerabilities with your servers, and installs a backdoor program or trojan horse to gain control over your network resources.



Eavesdropping 

Collecting data that passes between 
two active nodes on a network by 
eavesdropping on the connection 
between the two nodes. 

Common Exploits and Attacks Contd...

Service Vulnerabilities

An attacker finds a flaw or loophole in a service run over the Internet

Application Vulnerabilities

Attackers find faults in desktop and workstation applications

Denial of Service (DoS) Attacks

Attacker or group of attackers coordinate against an organization's network or server resources by sending unauthorized packets to the target host

Verifying Signed Packages

Install Signed Packages

BIOS and Boot Loader Security

BIOS passwords

1. Preventing Changes to BIOS Settings

2. Preventing System Booting

Securing non-x86 Platforms

Ex. Intel® Itanium™ computers use the Extensible Firmware Interface (EFI) shell

Boot Loader Security

Boot Loader passwords 



1. Preventing Access to Single User Mode 



2. Preventing Access to the GRUB Console 



3. Preventing Access to Insecure Operating 
Systems 

Password Security



• Primary method that Fedora uses to verify a 
user's identity 

• Data Encryption Standard (DES) and Message 
Digest Algorithm (MD5) 

• /etc/shadow and /etc/passwd 
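
An added example, not part of the original slides: a small audit of passwd and shadow records that reports empty password fields, hashes left in /etc/passwd, and entries still using the DES and MD5 schemes named above. The function names, the finding labels and the sample records are assumptions made for illustration; the scheme prefixes follow the usual crypt(3) conventions.

```python
import re

# crypt(3) prefixes; DES and MD5 are the two schemes the slide names.
SCHEMES = {"$1$": "md5", "$5$": "sha256", "$6$": "sha512", "$y$": "yescrypt"}
DES_RE = re.compile(r"[./0-9A-Za-z]{13}")  # traditional DES crypt, no prefix

# Constructed sample files; the hash strings are placeholders, not real hashes.
PASSWD = """root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
carol:AAconstructed:1002:1002::/home/carol:/bin/bash
guest::1003:1003::/home/guest:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin"""
SHADOW = """root:$6$SALTSALT$PLACEHOLDER:15478:0:99999:7:::
alice:$1$SALTSALT$PLACEHOLDER:15478:0:99999:7:::
daemon:*:15478:0:99999:7:::"""


def classify(field):
    """Name the state or hash scheme of one password field."""
    if field == "":
        return "empty"  # the account accepts a login with no password
    if field[0] in "!*":
        return "locked"
    for prefix, name in SCHEMES.items():
        if field.startswith(prefix):
            return name
    return "des" if DES_RE.fullmatch(field) else "unknown"


def audit(passwd_text, shadow_text):
    """Return sorted (user, finding) pairs for risky password entries."""
    shadow = dict(l.split(":")[:2] for l in shadow_text.splitlines() if ":" in l)
    findings = []
    for line in passwd_text.splitlines():
        parts = line.split(":")
        if len(parts) != 7:
            continue  # not a passwd record
        user, field = parts[0], parts[1]
        # "x" means the hash lives in shadow; a missing row counts as locked.
        kind = classify(shadow.get(user, "*") if field == "x" else field)
        if field != "x" and kind not in ("empty", "locked"):
            findings.append((user, "hash stored in /etc/passwd"))
        if kind == "empty":
            findings.append((user, "empty password"))
        elif kind in ("des", "md5"):
            findings.append((user, "legacy hash: " + kind))
    return sorted(findings)
```

Calling `audit(PASSWD, SHADOW)` on the constructed sample reports alice, carol and guest and leaves root and daemon alone.
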

Creating Strong Passwords

• Do Not Use Only Words or Numbers

• Do Not Use Recognizable Words

• Do Not Use Words in Foreign Languages

• Do Not Use Personal Information

• Do Not Use Hacker Terminology (LEET)

• Do Not Invert Recognizable Words

• Do Not Write Down Your Password

• Do Not Use the Same Password For All Machines

• Make the Password at Least Eight Characters Long

• Mix Upper and Lower Case Letters

• Include Non-Alphanumeric Characters

• Pick a Password You Can Remember
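
An added example, not part of the original slides: a checker for the rules above that can be tested mechanically, including LEET and inverted spellings of dictionary words. The word list, the LEET table, the function names and the sample passwords are constructed for illustration.

```python
# Constructed mini word list; a real deployment would load a full dictionary.
WORDS = {"password", "dragon", "fedora", "secret", "hacker"}
# Common LEET substitutions mapped back to the letters they stand for.
LEET = str.maketrans("013457@$!", "oleastasi")


def letters(text):
    """Keep only the letters of text, lower-cased."""
    return "".join(c for c in text.lower() if c.isalpha())


def word_problem(pw):
    """Return how pw embeds a dictionary word, or None if it does not."""
    plain, leet = letters(pw), letters(pw.translate(LEET))
    for word in sorted(WORDS):
        if word in plain:
            return "recognizable word"
        if word in leet:
            return "LEET spelling of a word"
        if word in plain[::-1] or word in leet[::-1]:
            return "inverted word"
    return None


def check_password(pw, personal=()):
    """Return the slide rules that the candidate password breaks."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than eight characters")
    if pw.isalpha() or pw.isdigit():
        problems.append("only letters or only numbers")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        problems.append("no mix of upper and lower case")
    if pw.isalnum():
        problems.append("no non-alphanumeric character")
    found = word_problem(pw)
    if found:
        problems.append(found)
    if any(p and p.lower() in pw.lower() for p in personal):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    for sample in ("password", "P@55w0rd!", "nogarD#42x", "tr8&Kp#zQ2"):
        print(sample, check_password(sample))
```
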

Secure Password Creation Methodology

Creating User Passwords within an Organization

Forcing Strong Passwords







Password Aging

Disabling Root SSH Logins

The su Command

The sudo Command